25 Sep 2001 GJF   » (Apprentice)

Damn! We've suffered a number of virus attacks recently.

My Linux boxes have been logging Code Red attacks for weeks. Then recently a virus managed to send itself to one of my mailing lists (so now I've worked out how to bounce attachments sent to Majordomo according to MIME type).

Now we've actually been hit by Nimda - which is probably the nastiest I've seen. It infected two of our test servers, trashing one. This one has four different transmission mechanisms: e-mail, HTTP (infected web servers), buffer overrun attacks on IIS, and through unprotected network shares on the LAN. Quick check for Nimda... search a Windows drive for exe or dll files containing the string: R.P.China ....

My Linux servers have not themselves been compromised, but I am concerned that there are buffer overrun exploits which they are vulnerable to - I guess I'm just going to have to swot up on this...
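The quick check described in the entry, as an added example that is not part of the original post: it walks a directory tree and flags `.exe`/`.dll` files containing the fragment `R.P.China` exactly as quoted above. The function names and the sample files are constructed for illustration, and a hit is only a lead for closer inspection of that file.

```python
import os
import tempfile

MARKER = b"R.P.China"          # fragment quoted in the post, used as-is
EXTENSIONS = (".exe", ".dll")  # file types the post says to search

def contains_marker(path, marker=MARKER, chunk_size=1 << 20):
    """Stream the file in chunks; keep a short tail between reads so a
    marker split across two reads is still found."""
    keep = len(marker) - 1
    tail = b""
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk_size)
            if not block:
                return False
            window = tail + block
            if marker in window:
                return True
            tail = window[-keep:] if keep else b""

def scan_tree(root):
    """Return (hits, unreadable) for .exe/.dll files under root."""
    hits, unreadable = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(EXTENSIONS):  # case-insensitive
                continue
            path = os.path.join(dirpath, name)
            try:
                if contains_marker(path):
                    hits.append(path)
            except OSError:
                unreadable.append(path)  # locked/denied: report, don't hide
    return sorted(hits), sorted(unreadable)

def build_sample_tree(root):
    """Constructed sample files: harmless bytes, not malware."""
    samples = {
        "clean.exe": b"MZ" + b"\x00" * 64,
        "Flagged.DLL": b"MZ" + b"\x00" * 32 + MARKER + b"\x00" * 8,
        "notes.txt": b"mentions " + MARKER,  # wrong extension: ignored
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_sample_tree(d)
        print(scan_tree(d))
```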
